-
-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add disable_cookies macro. #1180
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good. Does this let us disable cookies being set for asset calls? My guess is no since those skip the RouteHandler and run through the StaticFilesHandler..... So I guess the better question is, do we need to be able to disable cookies at that level?
@jwoertink I think they are no longer set for assets at all since there is no longer a middleware. I think that is ok/expected since I can't think of a reason assets would need to have cookies sent right? I really don't know how this is typically handled in frameworks, but I'd imagine there is no reason to set them on assets and would just add extra bloat so I think we're good |
@jwoertink I had to look into it but I think cookies are not sent on requests for static assets. Here is an example:
Maybe that used to be the case before with the old |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking good! Just one minor suggestion that should help with potential inheritance issues
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sweet. Cool with me! 👍
Co-authored-by: Paul Smith <paulcsmith@users.noreply.github.com>
This looks like just want I need to build it. Something we should consider later is to maybe disable the cookie as default for the API actions in lucky_cli. But that is for later. Good job @wout - Love you! :D |
Looks great! And thanks for verifying no cookies are sent for static files 👍 |
Purpose
Implements #1178.
Description
When used, the
Set-Cookie
header will not be written to the response headers.Checklist
crystal tool format spec src
./script/setup
./script/test